Exemplo n.º 1
0
 /**
  * Is this a legal id for the server file system?
  * @see is_valid_path()
  * @return boolean
  */
 public function is_valid()
 {
     return is_valid_path($this->_text);
 }
Exemplo n.º 2
0
    $in_ext_path = substr($path, 0, strlen(EXTENSIONS_PATH)) === EXTENSIONS_PATH;
    if (!$in_ext_path) {
        return false;
    }
    // File to serve must be under a `ext_dir/static/` directory.
    $path_relative_to_ext = substr($path, strlen(EXTENSIONS_PATH) + 1);
    $path_splitted = explode('/', $path_relative_to_ext);
    if (count($path_splitted) < 3 || $path_splitted[1] !== 'static') {
        return false;
    }
    return true;
}
$file_name = urldecode($_GET['f']);
$file_type = $_GET['t'];
$absolute_filename = realpath(EXTENSIONS_PATH . '/' . $file_name);
if (!is_valid_path($absolute_filename)) {
    header('HTTP/1.1 400 Bad Request');
    die;
}
switch ($file_type) {
    case 'css':
        header('Content-Type: text/css; charset=UTF-8');
        header('Content-Disposition: inline; filename="' . $file_name . '"');
        break;
    case 'js':
        header('Content-Type: application/javascript; charset=UTF-8');
        header('Content-Disposition: inline; filename="' . $file_name . '"');
        break;
    default:
        header('HTTP/1.1 400 Bad Request');
        die;